<?php
	/**
	* Change logs
	* Jan 29, 2011 - trungdt - Remove record in openid table if exist
	*                          Implement email better
	* Feb 22, 2011 - Trungdt - Add save status of pray_register
	*                           For pray online only
	* Mar 6, 2011 - trungdt - Remove save user pray time register
	*                         Dont allow user login after succ register
	*                          
	*/
	if (!defined('EXPONENT')) exit('');

	if ( (!$user || $user->id==0) && SITE_ALLOW_REGISTRATION == 1) {
		$i18n = exponent_lang_loadFile('modules/loginmodule/actions/saveuser.php');

		$captcha_real = exponent_sessions_get('captcha_string');
		if (!defined('SYS_USERS')) require_once(BASE.'subsystems/users.php');
		if (!defined('SYS_SECURITY')) require_once(BASE.'subsystems/security.php');
		$username_error = exponent_security_checkUsername($_POST['username']);
		if ($username_error != '')	{
			unset($_POST['username']);		
			validator::failAndReturnToForm(sprintf($i18n['username_failed'],$username_error), $_POST);
		}
		else if (exponent_users_getUserByName($_POST['username']) != null) {
				unset($_POST['username']);
				validator::failAndReturnToForm($i18n['username_taken'], $_POST);
			} else if ($_POST['pass1'] != $_POST['pass2']) {
					unset($_POST['pass1']);
					unset($_POST['pass2']);
					validator::failAndReturnToForm($i18n['unmatched_passwords'], $_POST);
				} else {		
					$strength_error = exponent_security_checkPasswordStrength($_POST['username'],$_POST['pass1']);
					if ($strength_error != '') {
						unset($_POST['pass1']);
						unset($_POST['pass2']);
						validator::failAndReturnToForm(sprintf($i18n['not_strong_enough'],$strength_error), $_POST);
					} else {
						// Finally, check the captcha
						validator::validate(array('captcha'=>'captcha_string'), $_POST);
						exponent_sessions_unset('captcha_string');
						$u = exponent_users_create($_POST,null);
						//$u = exponent_users_saveProfileExtensions($_POST,$u,true);
						// Mar 6, 2011 - trungdt - dont allow user login after create new profile succ because we need user registration confirm
						exponent_users_login($_POST['username'],$_POST['pass1']);
						// 9/4/2009 Immanuel192 change this line: we will show user a result page
						//exponent_flow_redirect();
						// create email body message
						/*
						Oct 9, 2011 - trungdt- move code send email to user into
								exponent_users_create
						$e_template = new template('loginmodule','_user_create_done',$loc);
						$e_template->assign('user',$u);
						$e_template->assign('password',$_POST['pass1']);
						$msg = $e_template->render();
						// send mail
						if (!defined('SYS_SMTP')) require_once(BASE.'subsystems/smtp.php');
						@exponent_smtp_mail($u->email,SITE_TITLE.' <'.SMTP_FROMADDRESS.'>',"Welcome to " . SITE_TITLE,$msg);*/
						
						// Jan 29, 2011 - trungdt - remove openid record
						$db->delete("openid_users","email = '{$u->email}'");
						if (isset($_REQUEST['openid']))
						{
							header("Location: /"); // redirect 
						}
						else
						{
							$template = new template('loginmodule','_final_message');
							$template->assign('message',$i18n['save_user_done']);
							$template->assign('url',exponent_flow_get());
							$template->output();    
						}

					}
		}
	} else {
		echo exponent_http_error(403);
	}

?>
